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A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 
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DETAILED ACTION 

Claims 1-5 are being examined. 



Specification 

The abstract of the disclosure is objected to because in line 5, the words "... that 
that" are repeated. Correction is required. See MPEP § 608.01(b). 

Claim Rejections -35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

Claim 2 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 

for failing to particularly point out and distinctly claim the subject matter which applicant 

regards as the invention. Claim states, . .where the values of T.sub.ho. . ." It is 

indefinite because T.sub.ho can be of any value; hence, it renders the claim indefinite. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1 and 2 are rejected under 35 U.S.C. 103(a) as being unpatentable 



over Watson et al, 6,775,704 (Watson hereafter). 
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As per claim 1 , Watson teaches a method of regulating TCP/IP connection 
requests (74, fig. 5, col. 6, line 34) which await service in a system by a TCP/IP 
connection control table (72, fig. 5; col. 7, lines 58-66; authentication system regulates 
and validates TCP/IP traffic and connection requests between the client and server) to 
prevent overload thereof, said method comprising the steps of: a) monitoring usage of 
said system on a dynamic basis (abstract, col. 2, lines 56-59 and 62-67; system 
monitors and regulates requests traffic between client and server for authentication 
purposes), b) dynamically computing a time-out value T.sub.ho which defines the time 
duration that a TCP connection request may await service by said system (95, fig. 6, 
col. 7, lines 29-31 ; authentication system dynamically generates tokens (associated with 
each request) with desired expiration times to prevent denial of service (DoS) attacks) , 
and c) removing from said TCP/IP connection control table all TCP/IP connection 
requests which have been awaiting service in said TCP/IP stack for a duration 
exceeding T.sub.ho (155, 158, fig. 10, col. 8, lines 64-66; the response and token 
packets are being validated by the authentication system (see fig. 7). If the token 
packet exceeds its expiration time (timeout value), the response packet (associated with 
the request) will be dropped or removed from system (table)). Watson does not 
specifically disclose based upon usage, dynamically computing a time-out value 
T.sub.ho. However, it would have been obvious to one of ordinary skill in the art to be 
motivated to introduce a variation of the Watson teachings by dynamically recomputing 
a time out value based upon usage to thwart or prevent system from overload or DoS 
attacks when system usage surges beyond normal expected rate. 
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As per claim 2, in conjunction with claim 1 , Watson teaches timeout values 
(T.sub.ho.) can be dynamically set as desired (col. 7, lines 29-32). Watson does not 
specifically disclose TCP/IP connection control table has size N.sub.size and an upper 
bound for usable table size of N.sub.abs <= N.sub.size, and where values of T.sub.ho 
are dynamically computed in a range [T.sub.min, T.sub.max]. However, it would have 
been obvious to one of ordinary skill in the art to be motivated to include ranges for 
connection table and time out values to control connection requests in order to prevent 
the system from overloading or DoS attacks. 

Claim 5 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Watson et al, 6,775,704 (Watson hereafter) in view of Applicant Admitted Prior Art 
(Applicant hereafter). 

As per claim 5, Watson does not specifically disclose T.sub.min has a value in a 
range of 0.01 to To 1 .0 sees, and T.sub.max has a value in a range of 60 to 120 sees. 
However, Applicant discloses half-open TCP connection time is usually less than a 
second or so while a typical timeout value associated with SYN flood is anywhere 
between 60 to 120 seconds (page 1 , paragraph 0005). Hence, it would have been 
obvious to one of ordinary skill in the art to set these ranges for normal and maximum 
connection times to regulate TCP/IP connections. 



Allowable Subject Matter 
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Claims 3-4 are objected to as being dependent upon a rejected base claim, but 
would be allowable if rewritten in independent form including all of the limitations of the 
base claim and any intervening claims. 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

• Packer, 5,802,106; Ricciulli, 6,816,910; Galand etal, 6,424,624 ; Bernhard etal, 
6,609,205 ; Ogishi et al, 6,178,450 ; Schuba et al, 6,725,378 ; Srinivas, 
6,823,387 ; Chen et al, US Pub 2002/0103916 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jack P Nguyen whose telephone number is (571) 272- 
3945. The examiner can normally be reached on M-F 8:30-5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Glenton Burgess can be reached on (571) 272-3949. The fax phone 
number for the organization where this application or proceeding is assigned is 703- 
872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




